Personal tools

From HEXONET Wiki

Jump to: navigation, search
Line 7: Line 7:
  
 
For this type of certificate, only the control over the domain, for which the certificate is supposed to be issued, is validated (Domain Control Validation, DCV). Simply put, the applicant has to prove that it is indeed her domain, and not somebody else's.
 
For this type of certificate, only the control over the domain, for which the certificate is supposed to be issued, is validated (Domain Control Validation, DCV). Simply put, the applicant has to prove that it is indeed her domain, and not somebody else's.
 
+
<br>
=== Validation method EMAIL ===
+
<br>
 
+
'''Validation method EMAIL'''<br>
 
The most common way to do this, is to approve a validation email that the certificate issuer sends to an email address that is connected to the domain. For example, if a certificate for example.com is requested, the issuer may send an email to [email protected]. The email usually contains an approval link that the applicant can click as soon as she receives the email.
 
The most common way to do this, is to approve a validation email that the certificate issuer sends to an email address that is connected to the domain. For example, if a certificate for example.com is requested, the issuer may send an email to [email protected]. The email usually contains an approval link that the applicant can click as soon as she receives the email.
 
+
<br>
=== Validation method DNSZONE ===
+
<br>
 
+
'''Validation method DNSZONE'''<br>
 
Another way to prove domain control is to modify the DNS for the domain. For this a certain DNS resource record is added to the zone information of the domain. For example: abcde01234.example.com. CNAME vwxyz56789.example.com.
 
Another way to prove domain control is to modify the DNS for the domain. For this a certain DNS resource record is added to the zone information of the domain. For example: abcde01234.example.com. CNAME vwxyz56789.example.com.
 
+
<br>
=== Validation method URL ===
+
<br>
 
+
'''Validation method URL'''<br>
 
When this method is chosen, domain control must be proven by placing a file with a certain content at the root of the domain. For example: http://example.com/abcde01234.txt having the content vwxyz56789.
 
When this method is chosen, domain control must be proven by placing a file with a certain content at the root of the domain. For example: http://example.com/abcde01234.txt having the content vwxyz56789.
 
== Organization validated SSL certificates (OV) ==
 
 
In addition to Domain Control Validation (DCV),
 

Revision as of 08:36, 14 April 2016

New SSL API - Validation info

Domain validated SSL certificates (DV)

For this type of certificate, only the control over the domain, for which the certificate is supposed to be issued, is validated (Domain Control Validation, DCV). Simply put, the applicant has to prove that it is indeed her domain, and not somebody else's.

Validation method EMAIL
The most common way to do this, is to approve a validation email that the certificate issuer sends to an email address that is connected to the domain. For example, if a certificate for example.com is requested, the issuer may send an email to [email protected]. The email usually contains an approval link that the applicant can click as soon as she receives the email.

Validation method DNSZONE
Another way to prove domain control is to modify the DNS for the domain. For this a certain DNS resource record is added to the zone information of the domain. For example: abcde01234.example.com. CNAME vwxyz56789.example.com.

Validation method URL

When this method is chosen, domain control must be proven by placing a file with a certain content at the root of the domain. For example: http://example.com/abcde01234.txt having the content vwxyz56789.